HotBar.Adware.BrowserHijacker.DDS removal guide

The HotBar.Adware.BrowserHijacker.DDS is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What HotBar.Adware.BrowserHijacker.DDS virus can do?

The binary contains an unknown PE section name indicative of packing
The executable is compressed using UPX
Authenticode signature is invalid
Anomalous binary characteristics

How to determine HotBar.Adware.BrowserHijacker.DDS?


File Info:
name: CBE00A47E0486819D594.mlw
path: /opt/CAPEv2/storage/binaries/c2942414b51732fce45582b1c1abfd8941c998e9494c0300023e011e0a6e1d73
crc32: 2D9C9D27
md5: cbe00a47e0486819d59461fad9e2c86f
sha1: 0fc32d280bbd03d2f2634d5cf1173b2818ef051d
sha256: c2942414b51732fce45582b1c1abfd8941c998e9494c0300023e011e0a6e1d73
sha512: 149e33dc1295852285988fcb217a51c6e273df585d228c13cfc2d45d626cd00f219dfb39b35f2232799cdf38a713c6a406416416b529d3fb21d3797348e88ca2
ssdeep: 3072:+U4OWT4t809IpN7GXCdOjQE/DX21EJh3IPHag7iV5gkCyQw:+ASU9yNanlr2gIfih3
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T153347C26BFB1C0BAD61696354C91CB8911E2FCB19EB603C776D8136F6EE11E21F341A4
sha3_384: dfc51cedc2068290aff662ff1204dccddcf0c3a5e3616b6e8e460ca874d68fcd5f3a4a41b7cf6f8f9b4768b770c3f965
ep_bytes: 60be00e044008dbe0030fbff57eb0b90
timestamp: 2012-03-08 16:05:53

Version Info:
FileDescription: Installer
FileVersion: 2.0.655.0
ProductVersion: 2.0.655.0
Translation: 0x0409 0x30ed

HotBar.Adware.BrowserHijacker.DDS also known as:

Bkav	W32.AIDetectMalware
Lionic	Riskware.Win32.Convagent.1!c
AVG	Win32:Evo-gen [Trj]
Elastic	malicious (moderate confidence)
MicroWorld-eScan	Gen:Variant.Zusy.427394
FireEye	Generic.mg.cbe00a47e0486819
ALYac	Gen:Variant.Zusy.427394
Malwarebytes	HotBar.Adware.BrowserHijacker.DDS
VIPRE	Gen:Variant.Zusy.427394
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/grayware_confidence_100% (W)
Alibaba	Trojan:Win32/HotBar.a37e11e7
K7GW	Riskware ( 0040eff71 )
K7AntiVirus	Riskware ( 0040eff71 )
BitDefenderTheta	Gen:NN.ZexaE.36348.om0@aGp1Z2hi
Cyren	W32/HotBar.S.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
Cynet	Malicious (score: 100)
APEX	Malicious
BitDefender	Gen:Variant.Zusy.427394
SUPERAntiSpyware	PUP.Hotbar/Variant
Avast	Win32:Evo-gen [Trj]
Emsisoft	Gen:Variant.Zusy.427394 (B)
F-Secure	Heuristic.HEUR/AGEN.1321555
Baidu	Win32.Adware.Hotbar.a
Zillya	Adware.Convagent.Win32.2901
TrendMicro	TROJ_GEN.R002C0WGS23
McAfee-GW-Edition	BehavesLike.Win32.RealProtect.dh
Trapmine	suspicious.low.ml.score
Sophos	Generic Reputation PUA (PUA)
SentinelOne	Static AI – Malicious PE
GData	Gen:Variant.Zusy.427394
Avira	HEUR/AGEN.1321555
MAX	malware (ai score=82)
Antiy-AVL	Trojan/Win32.TSGeneric
Arcabit	Trojan.Zusy.D68582
Microsoft	Trojan:Win32/Sabsik.RD.A!ml
Google	Detected
AhnLab-V3	Adware/Win32.Hotbar.R14391
McAfee	Artemis!CBE00A47E048
Cylance	unsafe
TrendMicro-HouseCall	TROJ_GEN.R002C0WGS23
Rising	Adware.Hotbar!1.6AAD (CLASSIC)
Ikarus	Trojan.SuspectCRC
Fortinet	W32/ULPM.16C0!tr
Cybereason	malicious.80bbd0
DeepInstinct	MALICIOUS

How to remove HotBar.Adware.BrowserHijacker.DDS?

HotBar.Adware.BrowserHijacker.DDS removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X